Recherche Images Maps Play YouTube Actualités Gmail Drive Plus »
Connexion
Les utilisateurs de lecteurs d'écran peuvent cliquer sur ce lien pour activer le mode d'accessibilité. Celui-ci propose les mêmes fonctionnalités principales, mais il est optimisé pour votre lecteur d'écran.

Brevets

  1. Recherche avancée dans les brevets
Numéro de publicationUS7769697 B2
Type de publicationOctroi
Numéro de demandeUS 11/530,736
Date de publication3 août 2010
Date de dépôt11 sept. 2006
Date de priorité13 juil. 2000
État de paiement des fraisPayé
Autre référence de publicationUS7177849, US20020007352, US20070005514
Numéro de publication11530736, 530736, US 7769697 B2, US 7769697B2, US-B2-7769697, US7769697 B2, US7769697B2
InventeursJacques Fieschi, Jean-Francois Le Pennec, Patrick Michel, Pascal Roy
Cessionnaire d'origineInternational Busniess Machines Corporation
Exporter la citationBiBTeX, EndNote, RefMan
Liens externes: USPTO, Cession USPTO, Espacenet
Method for validating an electronic payment by a credit/debit card
US 7769697 B2
Résumé
A method for validating an electronic payment by a credit/debit card in a transaction system. The method includes registering a purchase of an article by a buyer using a credit/debit card associated with at least one PIN code, checking that the at least one PIN code is associated with the number of said credit/debit card provided by said buyer to said seller terminal, checking, by said electronic payment center, whether or not said at least one PIN code is valid, and one of: after the at least one PIN code is found to be valid, checking, by said electronic payment center, whether the electronic payment center has received a pre-validation from a third party; after the at least one PIN code is found to be valid, contacting a third party via a communication network and requesting that the third party validate the purchase; and after the at least one PIN code is found to be valid, contacting a third party via a communication network and requesting said at least one PIN code from the third party. The third party is a prime owner of the credit/debit card.
Images(3)
Previous page
Next page
Revendications(27)
1. A method for validating an electronic payment by a credit/debit card in a transaction system, comprising:
registering a purchase of at least one article by a buyer using a credit/debit card associated with at least one PIN code at a seller terminal connected to an electronic payment center by a communication network;
receiving, at the electronic payment center, information associated with the purchase from the buyer;
checking, by the electronic payment center, that the at least one PIN code which has been received by said electronic payment center from said buyer is associated with the number of said credit/debit card provided by said buyer to said seller terminal;
checking, by said electronic payment center, whether or not said at least one PIN code is valid; and
after the at least one PIN code is found to be valid, contacting a third party via a communication network and requesting said at least one PIN code from the third party,
wherein the third party is a prime owner of the credit/debit card.
2. The method according to claim 1, wherein said buyer has a terminal which is connected to the communication network and said terminal is configured to transmit the number of the credit/debit card.
3. The method according to claim 1, wherein the credit/debit card number and the at least one PIN code which have been provided to said seller terminal by said buyer are transmitted to said electronic payment center to check whether the at least one PIN code is associated with said credit/debit card number.
4. The method according to claim 3, wherein said electronic payment center checks in at least one profile table whether said PIN code is associated with the credit/debit card number.
5. A system for validating an electronic payment by a credit/debit card comprising a system adapted for carrying out the steps of the method according to claim 1.
6. The method of claim 1, wherein each PIN code of the at least one PIN code is used only once and a different PIN code of the at least one PIN code is used for a later transaction.
7. The method of claim 1, wherein the at least one PIN code is associated with two or more members of a group and the group is associated with the number of the credit/debit card.
8. The method of claim 7, wherein the at least one PIN code is different for different members of the group, and wherein the at least one PIN code authorizes a different purchasing amount for the different members of the group.
9. The method of claim 7, wherein the third party is a member of the group and the third party limits a transaction involving the credit/debit card to a pre-determined purchasing amount.
10. The method of claim 1, further comprising checking, by said electronic payment center, whether the electronic payment center has received a pre-validation from the third party.
11. A method for validating an electronic payment by a credit/debit card in a transaction system, comprising:
registering a purchase of at least one article by a buyer using a credit/debit card associated with at least one PIN code at a seller terminal connected to an electronic payment center by a communication network;
receiving, at the electronic payment center, information associated with the purchase from the buyer;
checking, by the electronic payment center, that the at least one PIN code which has been received by said electronic payment center from said buyer is associated with the number of said credit/debit card provided by said buyer to said seller terminal;
checking, by said electronic payment center, whether or not said at least one PIN code is valid; and
after the at least one PIN code is found to be valid, contacting a third party via a communication network and requesting said at least one PIN code from the third party, wherein the third party is a prime owner of the credit/debit card.
12. A system for validating an electronic payment by a credit/debit card comprising a system adapted for carrying out the steps of the method according to claim 11.
13. The method according to claim 11, wherein each PIN code of the at least one PIN code is used only once and a different PIN code of the at least one PIN code is used for a later transaction.
14. The method according to claim 11, wherein the at least one PIN code is associated with two or more members of a group and the group is associated with the number of the credit/debit card.
15. A method for validating an electronic payment by a credit/debit card in a transaction system, comprising:
registering a purchase of an article by a buyer using a credit/debit card associated with at least one PIN code at a seller terminal connected to an electronic payment center by a communication network;
receiving, at the electronic payment center, information associated with the purchase from the buyer;
checking, by the electronic payment center, that the at least one PIN code which has been received by said electronic payment center from said buyer is associated with a number of said credit/debit card provided by said buyer to said seller terminal;
checking, by said electronic payment center, whether or not said at least one PIN code is valid; and
after the at least one PIN code is found to be valid, performing each of:
checking, by said electronic payment center, whether the electronic payment center has received a pre-validation from a third party; and
contacting a third party via a communication network and requesting that the third party validate the purchase using at least one PIN code from the third party, wherein the third party is a prime owner of the credit/debit card.
16. The method according to claim 15, further comprising transmitting, with the seller terminal, the number of the credit/debit card.
17. The method according to claim 15, further comprising checking, by the electronic payment center, whether the at least one PIN code is associated with the credit/debit card number in at least one profile table.
18. A system for validating an electronic payment by a credit/debit card comprising a system adapted for carrying out the steps of the method according to claim 15.
19. The method according to claim 15, wherein each PIN code of the at least one PIN code is used only once and a different PIN code of the at least one PIN code is used for a later transaction.
20. The method according to claim 15, wherein the at least one PIN code is associated with two or more members of a group and the group is associated with the number of the credit/debit card.
21. The method according to claim 1, wherein the receiving information comprises receiving an encrypted message at the electronic payment center.
22. The method according to claim 21, wherein the electronic payment center receives the pre-validation from the third party in the form of the at least one PIN code from the third party.
23. The method according to claim 21, wherein, when the electronic payment center does not receive the pre-validation from the third party, the electronic payment center contacts the third party and obtains the at least one PIN code from the third party in order to compare it to the at least one PIN code provided by said buyer.
24. The method according to claim 1, wherein the information comprises the at least one PIN code.
25. The method of claim 24, wherein the information includes an identification of the purchase and a date and time of the purchase.
26. The method of claim 25, wherein the information is sent at a same time that the buyer sends an order through the network to the seller terminal.
27. The method of claim 26, wherein the information is encrypted.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of parent U.S. patent application Ser. No. 09/810,286, filed on Mar. 16, 2001, the disclosure of which is expressly incorporated by reference herein in its entirety. Further, the present application claims priority under 35 U.S.C. §119 of European Patent Application No. 00480058.7 filed on Jul. 13, 2000, the disclosure of which is hereby incorporated by reference herein in its entirety.

TECHNICAL FIELD

The present invention relates generally to the methods and systems for enhancing the security of the electronic transactions using a credit or debit card and relates in particular to a method for validating an electronic payment by a credit/debit card.

BACKGROUND OF THE INVENTION

The electronic payment is more and more used to perform transactions, in particular through the Internet network. In such a case, a seller provides an electronic catalog for selling articles or even services through Internet. Any buyer connected by a terminal to Internet can consult the catalog and purchase the proposed articles by sending his order to the seller through Internet together with his credit/debit card number (herein after referred to as “card number”).

Generally, the payment is validated by using an electronic payment center which is also connected to the Internet network. Such a center is connected to the banking companies and authorized/certified by these banking companies. At the same time the buyer orders the articles to the seller, he transmits his PIN (Personal Identification Number) code to the electronic payment center together with the identification of the purchased articles, the date and the time of the purchase. Upon receiving the order, the seller sends the identification of the articles, the time and date and the card number to the electronic payment center which can then validate the payment after checking that the PIN code number corresponds to the card number.

But, in such an electronic payment, it is always the buyer who decides and validates the transaction. Now, considering the increase of electronic payment through the Internet network, and considering the need that such a system may be available to several people depending upon a single credit like to young people (children) or old people (grandparents) who are sometimes overtaken by the today techniques, it is a problem not having such a transaction being validated by the prime owner of the credit card, or in a general way by a third party.

SUMMARY OF THE INVENTION

Accordingly, the main object of the invention is to achieve a method for validating by a third party an electronic payment using a credit/debit card.

The invention relates therefore to a method for validating an electronic payment by a credit/debit card in a transaction system comprising a seller terminal for registering a sale of one or several articles by a buyer using a card associated with a plurality of PIN codes and an electronic payment center connected to the seller terminal by the Internet network, the method consisting for the electronic payment center to check that a buyer PIN code which is provided by the buyer to the center is associated with the number of the credit/debit card provided by the buyer to the seller terminal. Such a method is characterized in that it further comprises the step automatically carried out by the electronic payment center of checking with a third party whether the buyer PIN code is valid.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features and advantages of the invention will be better understood by reading the following more particular description of the invention in conjunction with the accompanying drawings wherein

FIG. 1 is a block-diagram of a system wherein a buyer orders articles to a seller and performs the payment to an electronic payment center through the Internet network.

FIG. 2 is a flow chart of the steps performed in the electronic payment center in order to achieve the method according to the invention.

DETAILED DESCRIPTION OF THE INVENTION

According to the invention, a buyer terminal 10, a seller terminal 12 and an electronic payment center 14 are all connected to the Internet network 16. When the buyer wants to order articles after having consulted an electronic catalog, he sends the order through the network to the seller terminal 12. For this, he sends with an encryption key 1 provided by the seller at the initialization of the transaction, the necessary information that is the credit/debit card number, the identification of the ordered articles and the time and date of the purchase. At the same time, the buyer sends through the Internet another message which is encrypted by an encryption key 2 to the electronic payment center 14, this message containing the identification of the purchased articles, and the time and date of the purchase. After receiving the purchase order, the seller terminal 12 sends with an encryption key 3 the information necessary to achieve the electronic payment, that is the identification of the articles and the time and date of the purchase, and also a PIN code number. Note that encryption key keys 2 and 3 have been previously provided by the electronic payment center to respectively the buyer 10 and the seller 12.

It must be noted that generally the buyer 10 is remote from the seller and the transaction between them is made through Internet. But it is possible that a buyer 11 be in the seller shop. In such a case, the necessary information is directly provided by the buyer and the information containing the PIN code is transmitted from the terminal seller 12 to the electronic payment center.

After receiving the PIN code number from the buyer 10, the electronic payment center 14 checks whether the PIN code number being received is a valid PIN code by checking in profile tables 18, the entries of which are the card numbers, and giving some other information for each PIN code such as the authorized amount. If so, the electronic payment center 14 launches a validation process by contacting a third party 20 through a phone network 22. It must be noted that such a phone network is preferably a wireless phone network wherein the third party 20 is the owner of a mobile phone because the third party can be always contacted (assuming the third party's mobile phone is always activated). Note also that the phone network could be replaced by any kind of transmission network, and in particular, the Internet network.

The steps of the method according to the invention, performed in the electronic payment center are now described in reference to the flow chart of FIG. 2. As already mentioned, the card number and the PIN code of the buyer are first received (step 30) by the electronic payment center from respectively the buyer and the seller. After receiving this information, the computer of the electronic payment center performs a profile checking (step 32) by consulting a profile table (see FIG. 1). In fact, there are different PIN codes corresponding to the card number which can, for example, be derived from the original PIN code by some algorithm like a scrambling algorithm. Thus, the prime owner of the card may give to other people a copy of the card (for example, a man can give one copy to his wife and one copy to each of his children). All these people have different PIN codes and so, they will be differently identified during a payment transaction.

Coming back to FIG. 2, the profile tables enable the validating party to know whether the PIN code provided by the buyer is valid (step 34). If not, an electronic error message is sent to the buyer terminal (step 36). If the PIN code corresponds to one of the valid codes associated with the card, the computer of the electronic payment center can check additional information within the profile tables, for example, the maximum amount authorized for this PIN code and whether the price of the purchased articles is less than the maximum amount (step 38). If not, an electronic error message is sent to the buyer terminal (step 40).

When the requested amount is below the authorized maximum, the computer of the electronic payment center checks whether it has received in a previous interval of time (for example one hour) a prevalidation from the third party including the delivery of the PIN code (step 42). It must be noted that this prevalidation can occur at any time and also canceled at any time by the third party calling the computer of the electronic payment center and through interactive dialog using a phone keyboard.

When such a prevalidation has been received, the computer of the electronic payment center validates the transaction (step 44) after having cleared (step 46) the prevalidation information (so, it is no more valid for a potential next transaction). When there is no prevalidation, the computer calls the third party (step 48) and through artificial voice, asks for the authorized PIN code to determine whether the PIN code provided by the buyer is a correct PIN code (step 50). If so, the transaction is validated (step 44). If the PIN code provided by the third party does not correspond to the PIN code provided by the buyer, an electronic error message is sent to the buyer terminal (step 52).

Citations de brevets
Brevet cité Date de dépôt Date de publication Déposant Titre
US48374228 sept. 19876 juin 1989Juergen DethloffMulti-user card system
US528505511 sept. 19918 févr. 1994Kabushiki Kaisha ToshibaIC card and read/write control method for controlling data readout/data write-in with respect to data storing means contained in IC card
US570842231 mai 199513 janv. 1998At&TTransaction authorization and alert system
US5914472 *23 sept. 199722 juin 1999At&T CorpFor the procurement of goods, services or distribution of currency
US5953710 *9 oct. 199614 sept. 1999Fleming; Stephen S.Computer-implemented method
US59639264 mars 19975 oct. 1999Hitachi, Ltd.Computer implemented method, system and apparatus for processing various transactions using a plurality of transaction cards
US5999596 *6 mars 19987 déc. 1999Walker Asset Management LimitedMethod and system for controlling authorization of credit card transactions
US5999624 *24 déc. 19967 déc. 1999Compaq Computer CorporationRemote financial transaction system
US6014650 *19 août 199711 janv. 2000Zampese; DavidPurchase management system and method
US6098053 *26 janv. 19991 août 2000Citibank, N.A.System and method for performing an electronic financial transaction
US62054372 mars 199820 mars 2001Open Market, Inc.Open network payment system for providing for real-time authorization of payment and purchase transactions
US6213391 *10 sept. 199710 avr. 2001William H. LewisPortable system for personal identification based upon distinctive characteristics of the user
US632757829 déc. 19984 déc. 2001International Business Machines CorporationFour-party credit/debit payment protocol
US674836721 sept. 20008 juin 2004Joonho John LeeMethod and system for effecting financial transactions over a public network without submission of sensitive information
US685398727 oct. 19998 févr. 2005Zixit CorporationCentralized authorization and fraud-prevention system for network-based transactions
US7136841 *23 nov. 200414 nov. 2006Zix CorporationCentralized authorization and fraud-prevention system for network-based transactions
US200100395359 févr. 20018 nov. 2001Tsiounis Yiannis S.Methods and systems for making secure electronic payments
US2002007783714 déc. 200020 juin 2002Scott KruegerSecure networked transaction system
US20030212642 *11 mars 200313 nov. 2003Visa International Service AssociationOnline payer authentication service
FR2720176A1 Titre non disponible
FR2769736A1 Titre non disponible
GB2289783A Titre non disponible
KR20000036972A Titre non disponible
WO1999045693A14 mars 199910 sept. 1999Walker Asset Management LtdMethod and system for controlling authorization of credit card transactions
Citations hors brevets
Référence
1Final Office Action dated Apr. 1, 2004 for U.S. Appl. No. 09/810,286.
2Final Office Action dated Jan. 18, 2006 for U.S. Appl. No. 09/810,286.
3Final Office Action dated May 9, 2005 for U.S. Appl. No. 09/810,286.
4Meyer et al., "Some Cryptographic Principles of Authentication in Electronic Funds Transfer Systems", 1981, IEEE.
5Non-Final Office Action dated Apr. 6, 2006 for U.S. Appl. No. 09/810,286.
6Non-Final Office Action dated Oct. 10, 2003 for U.S. Appl. No. 09/810,286.
7Non-Final Office Action dated Oct. 15, 2004 for U.S. Appl. No. 09/810,286.
8Non-Final Office Action dated Sep. 12, 2005 for U.S. Appl. No. 09/810,286.
9Notice of Allowance dated Jan. 9, 2007 for U.S. Appl. No. 09/810,286.
Référencé par
Brevet citant Date de dépôt Date de publication Déposant Titre
US819554924 juin 20115 juin 2012Consumerinfo.Com, Inc.Systems and methods of on-line credit information monitoring and control
US831203326 juin 200913 nov. 2012Experian Marketing Solutions, Inc.Systems and methods for providing an integrated identifier
US851584415 mai 201220 août 2013Consumerinfo.Com, Inc.Systems and methods of on-line credit information monitoring and control
US874495624 août 20123 juin 2014Experian Information Solutions, Inc.Systems and methods for permission arbitrated transaction services
US87822179 nov. 201115 juil. 2014Safetyweb, Inc.Online identity management
Classifications
Classification aux États-Unis705/72, 705/64, 705/78, 713/156, 705/50
Classification internationaleG06Q20/00, G06Q99/00, G07F7/08, G07F7/10
Classification coopérativeG06Q20/347, G06Q20/4014, G06Q20/401, G06Q20/4012, G07F7/08, G07F7/1075, G06Q20/04, G06Q20/382, G06Q20/085, G06Q20/02, G06Q20/0855, G06Q20/4037, G06Q20/425, G07F7/10
Classification européenneG06Q20/04, G06Q20/02, G06Q20/085, G06Q20/4012, G06Q20/382, G06Q20/0855, G06Q20/4014, G06Q20/425, G06Q20/347, G06Q20/401, G07F7/10P8, G06Q20/4037, G07F7/10, G07F7/08
Événements juridiques
DateCodeÉvénementDescription
8 janv. 2014FPAYFee payment
Year of fee payment: 4
20 déc. 2012ASAssignment
Owner name: EBAY INC., CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTERNATIONAL BUSINESS MACHINES CORPORATION;REEL/FRAME:029514/0190
Effective date: 20120928